opendev/system-config
Code Issues Proposed changes
9ab25e89a9
system-config/playbooks/roles/letsencrypt-create-certs
History
James E. Blair 48cafd19f8 Add LE cert for logs.opendev.org to static 
This can be used in an apache vhost later, but should be fine to
merge now.

Depends-On: https://review.opendev.org/673902
Change-Id: Ic2cb7585433351ec1bdabd88915fa1ca07da44e7
2019-07-31 13:00:50 -07:00
..
defaults letsencrypt: split staging and self-signed generation 2019-04-10 08:47:32 +10:00
handlers Add LE cert for logs.opendev.org to static 2019-07-31 13:00:50 -07:00
tasks Use handlers for letsencrypt cert updates 2019-05-14 08:14:51 +10:00
README.rst letsencrypt: split staging and self-signed generation 2019-04-10 08:47:32 +10:00

README.rst

Generate letsencrypt certificates

This must run after the letsencrypt-install-acme-sh, letsencrypt-request-certs and letsencrypt-install-txt-records roles. It will run the acme.sh process to create the certificates on the host.

Role Variables

If set to True, will locally generate self-signed certificates in the same locations the real script would, instead of contacting letsencrypt. This is set during gate testing as the authentication tokens are not available.

If set to True will use the letsencrypt staging environment, rather than make production requests. Useful during initial provisioning of hosts to avoid affecting production quotas.

The same variable as described in letsencrypt-request-certs.